Site icon Eminence Papers

Assembling a Toolkit- Network Security Assessment

Assembling a Toolkit- Network Security Assessment

Software Applications or “Tools” I Would Use

The open-source tool I would use in conducting network security assessments would be OSSEC. OSSEC is a free Host-based Intrusion Detection System that can execute real-time monitoring and evaluation. I preferred using this tool because it is composed of a solid correlation and analysis engine that permits integrity checks, windows registry monitoring, log analysis, and security policy enforcement (Bray et al., 2008). Various advantages would be realized as a result of utilizing the OSSEC tool. For instance, the OSSEC tool provides real-time alerts for incidents and initiates active responses. Also, the tool complies with security auditing standards such as CIS and PSCI-DSS (Bray et al., 2008). The last benefit of using the OSSEC tool is that it effectively collects system information and acts as a system inventory.

Platform (Operating System) I Would Use

Several operating systems can support the running of the OSSEC tool. For instance, I can run this tool on Linux/GNU because it is compatible with Slackware, Debian, Ubuntu, and even RHEL (Gibson & Igonor, 2020). I may also run the OSSEC tool on all NetBSD, OpenBSD, or FreeBSD versions.

Differences with Toolkits for an Application Security Assessment and Wireless Security Assessment and Other Types of Related Assessments

The OSSEC toolkit differs from other network assessment tools in various respects. For instance, the OSSEC tool works by checking the systems’ log files for any available threats. It then proceeds to alert the users on the specific parameters that should be rectified to counter the threat recorded (Hilario et al., 2021). On the other hand, a network assessment tool like Snort evaluates network traffic in real time. This tool performs this function by sniffing through each passing data packet to detect the presence of any possible threats that may be impacting the network under use. The alert for suspicious activity is immediately sent to the Syslog, a separate file intended specifically for alerts (Hilario et al., 2021). The other types of assessments can be conducted using other tools such as Nmap, Metasploit, KaliLinux, and OpenVas.

References

Bray, R., Cid, D., & Hay, A. (2008). OSSEC host-based intrusion detection guide. Syngress.

Gibson, D., & Igonor, A. (2020). Managing Risk in Information Systems. Jones Bartlett Learning.

Hilario, F., Mayhuasca, J., Rodriguez, C., Liendo, M., & Sanchez, G. (2021). A comparative study of tools for intrusion detection technologies in cyberspace. Int. J. of Aquatic Science12(2), 2614-2624.

ORDER A PLAGIARISM-FREE PAPER HERE

We’ll write everything from scratch

Question 


If you were tasked with assembling a ‘toolkit’ using only free or open source tools to perform network security assessment.

Assembling a Toolkit- Network Security Assessment

(1)What software applications or “tools” would you use?

(2)What platform (Operating System) would you use?

(3)How does this toolkit differ from that you would use for an application security assessment or wireless security assessment? You can list other types of related assessments if you know how you might adjust for the given scenario.

Exit mobile version